CN115694824A - Mimic server cryptographic machine model and secure communication method - Google Patents


Info

Publication number
CN115694824A
Authority
CN
China
Legal status
Pending
Application number
CN202211093186.0A
Other languages
Chinese (zh)
Inventor
李松泽
Current Assignee
Zhuhai Comleader Information Technology Co Ltd
Henan Xinda Wangyu Technology Co Ltd
Original Assignee
Zhuhai Comleader Information Technology Co Ltd
Henan Xinda Wangyu Technology Co Ltd
Application filed by Zhuhai Comleader Information Technology Co Ltd and Henan Xinda Wangyu Technology Co Ltd
Priority to CN202211093186.0A
Publication of CN115694824A


Abstract

The invention provides a mimic server cryptographic machine model and a secure communication method. The model comprises: a service left bracket, which receives service request data, adds a label I to the received service request data, and so on; a management left bracket, which receives password management service request data, adds a label II to the received password management service request data, and so on; an executive pool configured with N service executors and M management executors; and a right bracket, which arbitrates the service request data carrying the same label I together with the corresponding check results, blocks the service request if arbitration fails, and sends the service request data to the password card mounted on the right bracket if arbitration passes. Heterogeneity is applied at both the management service layer and the business service layer, and each layer has its own independent left bracket module, which effectively addresses vulnerabilities and backdoors in the running environment of the server cipher machine and improves its security.

Description

Mimic server cryptographic machine model and secure communication method
Technical Field
The invention relates to the technical field of mimicry defense, in particular to a mimicry server cryptographic machine model and a secure communication method.
Background
The server cipher machine (also called a host encryption server) can provide cryptographic services and key management to multiple application entities, independently or in parallel, and supports multiple cryptographic algorithms: the symmetric algorithms mainly include SM1, SM4, 3DES, AES and the like, and the asymmetric algorithms mainly include RSA, SM2 and the like. It implements data encryption and decryption, digital signature verification, key generation, key storage, key management and similar functions. It is widely deployed on the server side of e-commerce, e-government, CA authentication, online banking and the like, and provides basic, efficient and stable cryptographic services for security application systems in e-government, CA authentication, cloud storage, the Internet of Things and so on.
As a cryptographic service provider, the server cipher machine offers its services in B/S mode: the caller sends a command request to the cipher machine, the cipher machine parses and processes the request, and the result is returned to the caller as a command response. Because the B/S architecture is built over a wide area network and communication usually takes place over the network, the server cipher machine is at risk of being called illegally, and the processing result it returns is at risk of being tampered with illegally.
The above analysis shows that the security of the server cipher machine is crucial. It depends mainly on the security of the keys and the security of the carrier on which the service runs, so the intrinsic security problem of the server cipher machine reduces to the problem of software and hardware vulnerabilities and backdoors. On one hand, the static, deterministic and single architecture of traditional cryptographic equipment is inherently defective. On the other hand, the basic software and hardware environments of traditional cryptographic equipment, of cyberspace and of communication networks are similar, so they share similar inherent defects. These factors give rise to vulnerabilities and backdoors which, once exploited, are highly likely to cause large-scale, persistent security threats and losses.
Therefore, how to improve the security of the server cryptographic engine operating environment becomes an urgent problem to be solved.
In order to solve the above problems, people are always seeking an ideal technical solution.
Disclosure of Invention
The invention aims to overcome the defects of the prior art, and provides a mimicry server cryptographic model and a secure communication method.
In order to achieve the purpose, the technical scheme adopted by the invention is as follows:
A first aspect of the invention provides a mimic server cryptographic machine model, comprising:
the service left bracket, which receives service request data, adds a label I to the received service request data and then distributes it to each service executor in the executive pool; it also receives the response results I returned by each service executor and arbitrates them;
the management left bracket, which receives password management service request data, adds a label II to the received password management service request data and then distributes it to each management executor in the executive pool; it also receives the response results II returned by each management executor and arbitrates them;
the executive pool, which is configured with N service executors and M management executors;
the N service executors, each communicatively connected to the service left bracket, which receive service request data from the service left bracket, perform a rule check on the received service request data to generate a corresponding check result, encapsulate the check result with the label I, and send it to the right bracket together with the service request data; they also receive the response result I returned by the right bracket and forward it to the service left bracket;
the M management executors, each communicatively connected to the management left bracket, which receive password management service request data from the management left bracket, analyze the received data, and send the label II and the analysis result to the right bracket; they also receive the response result II returned by the right bracket and forward it to the management left bracket;
the right bracket, communicatively connected to the service executors and the management executors, which arbitrates the service request data carrying the same label I and the corresponding check results, blocks the service request if arbitration fails, and sends the service request data that passed arbitration to the password card mounted on the right bracket if arbitration passes; it also receives the response result I generated by the password card and transmits it to each of the N service executors; and it arbitrates the analysis results carrying the same label II, blocks the password management service request if arbitration fails, and responds to the password management service request corresponding to the analysis result if arbitration passes.
A second aspect of the present invention provides a secure communication method, the method comprising a service request data transmission phase and a password management service request data transmission phase, wherein,
and in the service request data transmission stage, the following steps are executed:
step A1, a service left bracket receives service request data, adds a label I to the received service request data and distributes the service request data to each service executive body in an executive body pool;
step A2, after receiving the service request data from the service left bracket, the service executive body performs rule check on the received service request data to generate a corresponding check result, encapsulates the check result and the label I, and then sends the check result and the label I to the right bracket together with the service request data;
step A3, the right bracket arbitrates the service request data carrying the same label I and the corresponding check results respectively; if arbitration fails, the service request is blocked, and if arbitration passes, the service request data that passed is sent to the cipher card mounted on the right bracket;
step A4, the cipher card generates a response result I based on the service request data, and the response result I is transmitted to N service executors through the right brackets respectively;
step A5, the service executive body receives a response result I returned by the right bracket and forwards the response result I to the service left bracket;
step A6, the service left brackets receive response results I returned by each service executive, decide the response results I and output the response results I after the decision is passed;
in the password management service request data transmission phase, the following steps are executed:
step B1, the management left bracket receives the password management service request data, adds a label II to the received password management service request data and distributes it to each management executor in the executive pool;
step B2, after receiving the password management service request data from the management left bracket, the management executive body analyzes the received password management service request data and sends a label II and an analysis result to the right bracket;
step B3, the right bracket judges the analysis result with the same label II, blocks the password management service request when the judgment is not passed, and responds to the password management service request corresponding to the analysis result after the judgment is passed;
step B4, the right bracket obtains a response result II and returns to the management left bracket through each management executive body;
step B5, the management left brackets receive response results II returned by each management executive body and judge the response results II; and outputting a response result II when the arbitration passes, and outputting exception arbitration information when the arbitration does not pass.
The invention has the beneficial effects that:
1) The invention provides a mimic server cryptographic machine model and a secure communication method. The model comprises a service left bracket, a management left bracket, an executive pool and a right bracket. Heterogeneity is applied at both the management service layer and the business service layer, and each layer has its own independent left bracket module, which effectively addresses the vulnerabilities and backdoors in the running environment of the server cipher machine and improves the security of the model;
2) Existing password cards and cryptographic chips implement mature cryptographic algorithms in hardware logic, so their security risk is low. The mimic server cryptographic machine model addresses the vulnerabilities and backdoors of the cipher machine's host environment and improves the security of cryptographic service data transmission. By fusing mimic technology with cryptographic technology, it further protects user data;
3) The invention can be applied to the construction of a public key infrastructure system and an application system based on the public key infrastructure, is particularly suitable for large host systems such as a digital certificate authentication center, an authorization management center and the like, and improves the security of the data transmission of the cryptographic service.
Drawings
FIG. 1 is a schematic diagram of the structure of the mimic server cryptographic machine model of the present invention;
FIG. 2 is a first timing diagram of the service request data transmission phase of the present invention;
FIG. 3 is a second timing diagram of the service request data transmission phase of the present invention;
FIG. 4 is a first timing diagram of the password management service request data transmission phase of the present invention;
FIG. 5 is a second timing diagram of the password management service request data transmission phase of the present invention.
Detailed Description
The technical solution of the present invention is further described in detail by the following embodiments.
Example 1
As shown in FIG. 1, a mimic server cryptographic machine model includes a service left bracket, a management left bracket, an executive pool, and a right bracket, wherein:
the service left bracket is used for receiving the service request data, adding a label I to the received service request data and then distributing the service request data to each service executive in the executive pool; the system is also used for receiving response results I returned by each service execution body and judging the response results I; the service request data is cipher service request data, and specifically comprises data to be encrypted, data to be decrypted, data to be authenticated, a key index number and the like, the tag I adopts a random number with an X (such as X = 20) byte length, and the response result I is response data corresponding to the service request data, and specifically comprises cipher text data (response data corresponding to the data to be encrypted), plaintext data (response data corresponding to the data to be decrypted) and the like;
the management left bracket is used for receiving the password management service request data, adding a label II to the received password management service request data and distributing the data to each management executive in the executive pool; the system is also used for receiving response results II returned by each management executive body and judging the response results II; the password management service request data comprises a key management request, a system configuration request and the like so as to manage a key, manage and configure a password machine manager, an operator and an auditor, or manage and configure a network card, time and a log of the password machine, the label II adopts a random number with a Y (such as Y = 20) byte length, and the response result II comprises a configuration success message or a configuration failure message;
the executive pool is configured with N service executors and M management executors;
the N service executors are respectively in communication connection with the service left brackets and used for receiving service request data from the service left brackets, performing rule check on the received service request data to generate corresponding check results, packaging the check results and the tags I and then sending the check results and the tags I to the right brackets together with the service request data; the system is also used for receiving a response result I returned by the right bracket and forwarding the response result I to the service left bracket;
the M management execution bodies are respectively in communication connection with the management left brackets and are used for receiving the password management service request data from the management left brackets, analyzing the received password management service request data and sending the label II and the analysis result to the right brackets; the system is also used for receiving a response result II returned by the right bracket and forwarding the response result II to the management left bracket;
the right bracket is respectively in communication connection with the service executive body and the management executive body and used for judging the service request data with the same label I and the corresponding check result, blocking the service request if the service request data fails to pass the judgment, and sending the service request data which passes the judgment to a password card mounted on the right bracket if the service request data passes the judgment; the system is also used for receiving a response result I generated by the password card and respectively transmitting the response result I to the N service executors; and the system is also used for judging the analysis result with the same label II, blocking the password management service request if the judgment is not passed, and responding the password management service request corresponding to the analysis result if the judgment is passed.
It should be noted that the right bracket blocks the service request by not sending the service request data to the cryptographic card; correspondingly, the right bracket also blocks the password management service request by not responding to the analysis result.
The check result corresponding to the service request data is a rule check result. It is generated according to the GM/T 0018-2012 cipher device application interface specification and prevents interface data that falls outside the standard from operating the back-end cipher card. The label I and the check result are encapsulated in a preset encapsulation format and transmitted together with the service request data (password service request data). The right bracket selects the data packets that belong to the same group according to the label I, and arbitrates the check results and the service request data within the same group of data packets separately, each according to a preset strategy.
Specifically, the preset encapsulation format of the check result and the label I is: length (4 bytes, big endian) + label I (20 bytes) + online service executor information (24 bytes) + interface type (1 byte) + status code (1 byte) + client IP (4 bytes). The status code in this format represents the check result. For example, if the online service executor determines that the data type of the received service request data matches the preset service data type and that its data format matches the preset service data format, it generates a preset status code (e.g., 11111111) to represent the check result.
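The encapsulation format and the right-bracket arbitration described above, as an added example that is not code from the patent. The meaning of the Length field, the one-byte value used for the passing status code, the unanimity policy and the executor names are assumptions, because the description leaves them as preset values.

```python
import ipaddress
import os
import struct
from collections import Counter, defaultdict
from dataclasses import dataclass

# Layout given in the description: Length (4, big endian) + label I (20) +
# executor info (24) + interface type (1) + status code (1) + client IP (4).
HEADER = struct.Struct(">I20s24sBB4s")
STATUS_PASS = 0xFF  # assumption: the example status code 11111111 read as one byte


@dataclass(frozen=True)
class Packet:
    tag: bytes           # label I, 20 random bytes set by the service left bracket
    executor: str        # online service executor information
    interface_type: int
    status: int          # rule-check result
    client_ip: str
    request: bytes       # service request data carried after the header


def encode(p: Packet) -> bytes:
    """Service executor side: prepend the encapsulated check result to the request."""
    name = p.executor.encode()
    if len(p.tag) != 20 or len(name) > 24:
        raise ValueError("label I must be 20 bytes and executor info at most 24")
    # Assumption: Length counts every byte that follows the Length field.
    length = HEADER.size - 4 + len(p.request)
    return HEADER.pack(length, p.tag, name, p.interface_type, p.status,
                       ipaddress.IPv4Address(p.client_ip).packed) + p.request


def decode(buf: bytes) -> Packet:
    """Right bracket side: parse one packet, rejecting truncated or padded input."""
    if len(buf) < HEADER.size:
        raise ValueError("truncated header")
    length, tag, name, itype, status, ip = HEADER.unpack_from(buf)
    if length != len(buf) - 4:
        raise ValueError("Length field does not match packet size")
    return Packet(tag, name.rstrip(b"\0").decode(), itype, status,
                  str(ipaddress.IPv4Address(ip)), buf[HEADER.size:])


def arbitrate(raw_packets, online):
    """Group packets by label I and decide each group.

    Returns {tag: (request_or_None, suspects)}. Assumed policy: the request is
    released to the cipher card only if every online executor answered, all
    copies of the request are identical and every status is STATUS_PASS.
    Suspects are executors that were silent or disagreed with the majority.
    """
    groups = defaultdict(dict)
    for raw in raw_packets:
        try:
            p = decode(raw)
        except ValueError:
            continue  # malformed packet: its sender shows up as silent below
        if p.executor in online:
            groups[p.tag][p.executor] = p
    verdicts = {}
    for tag, by_exec in groups.items():
        votes = Counter((p.status, p.request) for p in by_exec.values())
        (status, request), _ = votes.most_common(1)[0]
        silent = set(online) - set(by_exec)
        dissent = {e for e, p in by_exec.items()
                   if (p.status, p.request) != (status, request)}
        suspects = sorted(silent | dissent)
        released = request if not suspects and status == STATUS_PASS else None
        verdicts[tag] = (released, suspects)
    return verdicts


def demo():
    """Constructed traffic: three online executors, three tagged requests."""
    online = ["exec-A", "exec-B", "exec-C"]  # hypothetical executor names
    good, tampered, rejected = os.urandom(20), os.urandom(20), os.urandom(20)

    def pkt(tag, who, status, request):
        return encode(Packet(tag, who, 1, status, "192.0.2.10", request))

    traffic = [pkt(good, e, STATUS_PASS, b"ENC key=7 data=hello") for e in online]
    traffic += [pkt(tampered, e, STATUS_PASS, b"ENC key=7 data=hello")
                for e in online[:2]]
    traffic.append(pkt(tampered, "exec-C", STATUS_PASS, b"ENC key=9 data=hello"))
    traffic += [pkt(rejected, e, 0x00, b"not a standard call") for e in online]
    traffic.append(b"\x00\x00")  # truncated packet, ignored by arbitrate()
    verdicts = arbitrate(traffic, online)
    return {"good": verdicts[good], "tampered": verdicts[tampered],
            "rejected": verdicts[rejected]}


if __name__ == "__main__":
    for name, (released, suspects) in demo().items():
        print(name, "->", "cipher card" if released else "blocked", suspects)
```

The suspects list is the kind of information the right bracket would hand to a scheduler so that a disagreeing executor can be cleaned and rotated out.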
Further, the mimicry server cryptographic engine model further includes a scheduling module, which is respectively connected in communication with the executive pool and the right bracket, and is configured to:
receive first exception arbitration information from the right bracket, and clean and take offline the abnormal service executors in the executive pool according to it; the first exception arbitration information is the arbitration result of the service request data or the arbitration result of the check results carrying the same label I;
receive second exception arbitration information from the right bracket, and clean and take offline the abnormal management executors in the executive pool according to it; the second exception arbitration information is the arbitration result of the analysis results carrying the same label II.
It is understood that the service left bracket, the management left bracket, the right bracket and the scheduling module constitute the mimic component, and that the mimic component together with the executive pool hardware platform (a hardware platform being the physical device on which the software runs) and the like constitutes the mimic server cryptographic machine model. In this embodiment the management service and the business service each have an independent left bracket and share the right bracket. Combined with heterogeneous executors configured for both the business service and the management service, this applies heterogeneity at both the management service layer and the business service layer, and ensures the safety and reliability of both the management configuration process and the service execution process.
The executive body pool is configured with N business executive bodies and M management executive bodies, management service and business service are provided for the outside, the management service refers to management of keys and the like, management configuration of a cipher machine manager, an operator, an auditor and the like is performed, management configuration of network cards, time, logs and the like of the cipher machine is performed, and the cipher business service refers to encryption and decryption service, signature and signature verification service and the like;
it should be noted that the service executors and the management executors in the executor pool are independent from each other, N and M are integers greater than or equal to 4, and in view of cost and efficiency, the number of online executors is 3, and the other executors are used for standby rotation.
Further, the scheduling module is further communicatively connected to the service left bracket and the management left bracket, respectively, and configured to: sending first configuration information to the service left bracket, wherein the first configuration information comprises online service executive body information and is used for appointing to receive the service executive body information of service request data;
and sending second configuration information to the management left bracket, wherein the second configuration information comprises online management executive body information and is used for agreeing to receive the management executive body information of the password management service request data.
It should be noted that, when the client generates the service request data, the service request data is transmitted to the service left bracket through a TCP (Transmission Control Protocol) communication channel; when the client generates password management service request data, transmitting the password management service request data to the management left bracket through an http communication channel;
As shown in FIG. 1, the service left bracket also establishes a TCP communication channel with the client and receives service request data from the client over it. Because the password management service is exposed as a Web Service, the management left bracket also establishes an http (full name: Hypertext Transfer Protocol over Secure Socket Layer) communication channel with the client and receives the password management service request data from the client over it;
and a TCP communication channel is established between the service left bracket and the service executive body, and an Http communication channel is established between the management left bracket and the management executive body.
It can be understood that the TCP communication channel established between the service left bracket and the client, and the TCP communication channel established between the service left bracket and the service executor are dedicated service data transmission channels;
the Http communication channel established between the management left bracket and the client and the Http communication channel established between the management left bracket and the management executive are dedicated management service data transmission channels;
the dedicated service data transmission channel and the dedicated management service data transmission channel are independent of each other, so the business service and the management service are independent and run in parallel. It should be noted that the mimic server cryptographic machine model must be initialized before use; after initialization it can also be managed and configured while normal service requests are being processed.
It should be noted that the service left bracket proxies (copies and distributes) the service request data: it adds a label to the service request data and distributes it to the service executors. Each service executor performs a rule check on the service request data, places the check result in front of the service request data, and forwards both to the right bracket. The right bracket arbitrates the service request data and the check results separately and blocks the service request promptly when arbitration fails, which prevents the cipher card from being called illegally;
the service executive body also forwards a response result I (such as encrypted/decrypted data) returned by the right bracket to the service left bracket, the service left bracket judges the response result returned by the service executive body and returns the response result I after the judgment to the client, so that the response result I is prevented from being illegally tampered, and the security of the encrypted request data of the application system is improved.
The management left bracket exposes the password management service externally and proxies (copies and distributes) the password management service request data: it adds a label to the request data and distributes it to the management executors. The management executors expose the key management and equipment management services, parse the request data into an analysis result (key management request and equipment management request data) and send the analysis result to the right bracket. The right bracket arbitrates the analysis results and blocks the password management service request promptly when arbitration fails, which prevents the mimic server cryptographic machine model from being configured illegally;
the management executive body also transmits a response result II returned by the right bracket to the management left bracket, and the management left bracket judges the response result II returned by each management executive body, so that the response result II is prevented from being illegally tampered, and the security of the password management request data of the management system is improved.
Example 2
On the basis of embodiment 1, this embodiment provides another specific implementation of the mimic server cryptographic machine model;
specifically, the right bracket also mounts a USBKey, and the USBKey is used for performing identity authentication and authority authentication on the user sending the password management service request data;
the right bracket also mounts a file system, which is used for storing configuration information.
As shown in FIG. 1, the right bracket mounts a password card, a USBKey and a file system. Both password management service request data (key management data) and service request data are carried out by operating the password card, so the password card is mounted on the right bracket, at the very back of the mimic protection, to ensure that it is operated securely. The USBKey performs identity authentication and authority management for the user who sends the password management service request data, to ensure the security and reliability of the password management service.
The USBKey authenticates the identity of an administrator, operator or auditor. The corresponding permission is obtained only by inserting the corresponding USBKey, and key-related operations can be used only with access to the USBKey (similar to a bank U shield). The file system stores configuration information, which includes the cipher machine's network card, time, log and similar information.
It should be noted that when the management executor receives password management service request data, it first determines whether the operation corresponding to the request requires authentication. If authentication is required, it initiates an authentication request to the right bracket; if the authentication passes, the data of the web request is returned, and if the authentication does not pass, the user is prompted that they are not authenticated;
specifically, the management executive judges whether the analysis result is matched with a preset password management service type, and if the analysis result is matched with the preset password management service type, the management executive sends an authentication request to the right bracket; the analysis result comprises a key management service, an equipment management service and an equipment configuration service, and the preset password management service type comprises the key management service, the equipment management service and the equipment configuration service;
after the right bracket receives the authentication request, calling the USBKey mounted by the right bracket to perform identity authentication and authority authentication on the user sending the password management service request data;
when the identity authentication and the authority authentication do not pass, the right bracket sends a not-authenticated prompt to the management left bracket through the management executor; when the identity authentication and the authority authentication pass, the right bracket receives the label II and the analysis result from the management executor.
Specifically, the service left bracket provides a service SDK to the outside, and the service SDK is an API for facilitating a client to call the mimicry server cryptographic engine model interface.
Example 3
On the basis of the above embodiments, the present embodiment provides a secure communication method, as shown in Figs. 2 to 5.
The secure communication method comprises a service request data transmission stage and a password management service request data transmission stage.
In the service request data transmission stage, the following steps are executed:
Step A1: the service left bracket receives service request data, adds a label I to the received service request data, and distributes it to each service executive body in the executive body pool.
Step A2: after receiving the service request data from the service left bracket, the service executive body performs a rule check on it to generate a corresponding check result, encapsulates the check result together with the label I, and sends them to the right bracket together with the service request data.
Step A3: the right bracket arbitrates the service request data carrying the same label I and the corresponding check results; if the arbitration is not passed, the service request is blocked, and if it is passed, the service request data that passed arbitration is sent to the cipher card mounted on the right bracket.
Step A4: the cipher card generates a response result I based on the service request data, and the response result I is transmitted through the right bracket to each of the N service executive bodies.
Step A5: the service executive body receives the response result I returned by the right bracket and forwards it to the service left bracket.
Step A6: the service left bracket receives the response results I returned by each service executive body, arbitrates them, and outputs the response result I after the arbitration is passed.
In the password management service request data transmission stage, the following steps are executed:
Step B1: the management left bracket receives password management service request data, adds a label II to it, and distributes it to each management executive body in the executive body pool.
Step B2: after receiving the password management service request data from the management left bracket, the management executive body parses it and sends the label II and the analysis result to the right bracket; the analysis result comprises a key management service, an equipment configuration service and the like.
Step B3: the right bracket arbitrates the analysis results carrying the same label II, blocks the password management service request when the arbitration is not passed, and responds to the password management service request corresponding to the analysis result when it is passed.
Step B4: the right bracket obtains a response result II and returns it to the management left bracket through each management executive body.
Step B5: the management left bracket receives the response results II returned by each management executive body and arbitrates them; it outputs the response result II when the arbitration is passed, and outputs exception arbitration information (to the scheduling module) when it is not.
The right bracket receives request data from the management executive bodies and the service executive bodies, arbitrates the data carrying the same label, and forwards any exception arbitration result to the scheduling module; once the safe request data has been selected by this filtering, it requests the cryptographic service from the cipher card and returns the response result to the service executive body or the management executive body.
It can be understood that the arbitration policy adopted in each of the following cases is a majority arbitration policy or a consistency arbitration policy: when the right bracket arbitrates the service request data carrying the same label I and the corresponding check results in step A3; when the service left bracket arbitrates the response results I returned by each service executive body in step A6; when the right bracket arbitrates the analysis results carrying the same label II in step B3; and when the management left bracket arbitrates the response results II returned by each management executive body in step B5.
Furthermore, during arbitration the right bracket, the service left bracket and the management left bracket each set a data receiving time; if the data receiving time is exceeded (for example, 2 min), the corresponding executive body is judged to be an abnormal executive body.
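The following is an added example, not code from the patent, of the step A3 arbitration at the right bracket under the majority and consistency policies, including the data receiving time. The names `Submission`, `Verdict` and `arbitrate`, the comparison of requests by SHA-256 digest, counting a majority against all N executive bodies, and blocking when no agreement is reached are assumptions of this example.

```python
import hashlib
from collections import Counter
from dataclasses import dataclass, field
from typing import Dict, Iterable, List, Optional, Tuple

DEADLINE_S = 120.0  # the "2 min" data receiving time given as an example in the text


@dataclass(frozen=True)
class Submission:
    executor_id: str
    tag: str            # label I added by the service left bracket
    request: bytes      # service request data forwarded by the executive body
    check_passed: bool  # that executive body's rule-check result
    elapsed_s: float    # seconds from dispatch to arrival at the right bracket


@dataclass
class Verdict:
    tag: str
    passed: bool              # True: forward to the cipher card; False: block
    request: Optional[bytes]  # the agreed request, only when passed
    abnormal: List[str] = field(default_factory=list)  # for the scheduling module


def arbitrate(tag: str, executors: List[str], submissions: Iterable[Submission],
              policy: str = "majority", deadline_s: float = DEADLINE_S) -> Verdict:
    if policy not in ("majority", "consistency"):
        raise ValueError("policy must be 'majority' or 'consistency'")
    votes: Dict[str, Tuple[str, bool]] = {}
    payload: Dict[Tuple[str, bool], bytes] = {}
    for s in submissions:
        # Count only the first submission per known executive body for this label.
        if s.tag != tag or s.executor_id not in executors or s.executor_id in votes:
            continue
        if s.elapsed_s > deadline_s:
            continue  # late data is treated the same as no data
        key = (hashlib.sha256(s.request).hexdigest(), s.check_passed)
        votes[s.executor_id] = key
        payload[key] = s.request

    timed_out = [e for e in executors if e not in votes]
    if not votes:
        return Verdict(tag, False, None, timed_out)

    top, top_count = Counter(votes.values()).most_common(1)[0]
    n = len(executors)
    has_majority = top_count * 2 > n
    agreed = has_majority if policy == "majority" else top_count == n
    # Dissenters can only be attributed when a strict majority exists.
    dissenters = [e for e in executors
                  if e in votes and votes[e] != top] if has_majority else []
    # Agreement that the rule check failed still blocks the request.
    passed = agreed and top[1]
    return Verdict(tag, passed, payload[top] if passed else None,
                   timed_out + dissenters)


def demo() -> Tuple[Verdict, Verdict]:
    # Constructed sample: three executive bodies, one forwards altered data.
    pool = ["svc-1", "svc-2", "svc-3"]
    req = b"constructed-request"
    subs = [Submission("svc-1", "T1", req, True, 0.4),
            Submission("svc-2", "T1", req, True, 0.5),
            Submission("svc-3", "T1", b"altered-request", True, 0.6)]
    return (arbitrate("T1", pool, subs, "majority"),
            arbitrate("T1", pool, subs, "consistency"))
```

With the constructed input, the majority policy forwards the request and reports `svc-3`, while the consistency policy blocks the same request and reports the same executive body.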
It should be noted that the service request data transmission stage and the password management service request data transmission stage have no fixed order; they are two sets of parallel services (except for initialization).
It can be understood that the response result I in step A4 is transmitted to the service left bracket through the right bracket and the service executive body, and in this process the service executive body forwards the response result I directly to the service left bracket. The service left bracket arbitrates the received response results I so as to prevent the response result I output by the cipher card from being tampered with by hackers exploiting operating system and code vulnerabilities.
In step B3, the right bracket arbitrates the analysis results carrying the same label II; if the arbitration passes, the password management service request data is sent to the back-end database or the cipher card, and if the arbitration fails, the current password management service request is blocked and the problem (abnormal) executive body is rotated out and cleaned.
Further, in step A2, when the service executive body performs the rule check on the received service request data and generates the corresponding check result, it executes the following:
parsing the received service request data, acquiring the data type and the data format of the service request data, and performing a rule check on the data type and on the data format respectively;
judging whether the data type of the service request data matches a preset service data type and, if so, judging whether the data format of the service request data matches a preset service data format; if so, the rule check of the service request data is judged to have passed, and otherwise it is judged not to have passed.
The preset service data type refers to a data type defined in the interface functions of the GM/T 0018-2012 cryptographic device application interface specification, and the preset service data format refers to a data format defined in the interface functions of the same specification.
Further, step B2 also includes the following steps:
the management executive body judges whether the analysis result matches a preset password management service type and, if so, sends an authentication request to the right bracket; after the right bracket receives the authentication request, it calls the USBKey mounted on the right bracket to perform identity authentication and authority authentication on the user who sent the password management service request data;
the analysis result comprises a key management service, an equipment management service and an equipment configuration service, and the preset password management service type comprises the key management service, the equipment management service and the equipment configuration service;
when it is confirmed that the user who sent the password management service request data has not passed identity authentication and authority authentication, the right bracket sends non-authentication prompt information to the management left bracket through the management executive body;
when it is confirmed that the user who sent the password management service request data has passed identity authentication and authority authentication, the right bracket receives the label II and the analysis result from the management executive body.
Further, in step A3, after the right bracket arbitrates the service request data carrying the same label I and the corresponding check results, the following is also performed: the exception arbitration information is transmitted to the scheduling module, and the scheduling module cleans the service executive bodies in the executive body pool and takes them offline according to the exception arbitration information.
In step B3, after the right bracket arbitrates the analysis results carrying the same label II, the following is also performed: the exception arbitration information is transmitted to the scheduling module, and the scheduling module cleans the management executive bodies in the executive body pool and takes them offline according to the exception arbitration information.
Finally, it should be noted that the above examples only illustrate the technical solution of the present invention and do not limit it. Although the present invention has been described in detail with reference to the preferred embodiments, those skilled in the art should understand that modifications to the specific embodiments of the invention or equivalent substitutions for some of the technical features may be made without departing from the spirit of the invention, and all such modifications are intended to be covered by the scope of the invention as claimed.

Claims (10)

1. A mimic server cryptographic machine model, comprising:
a service left bracket, used for receiving service request data, adding a label I to the received service request data and then distributing it to each service executive body in the executive body pool; it is also used for receiving the response results I returned by each service executive body and arbitrating the response results I;
a management left bracket, used for receiving password management service request data, adding a label II to the received password management service request data and distributing it to each management executive body in the executive body pool; it is also used for receiving the response results II returned by each management executive body and arbitrating the response results II;
an executive body pool, configured with N service executive bodies and M management executive bodies;
the N service executive bodies are each communicatively connected to the service left bracket and are used for receiving service request data from the service left bracket, performing a rule check on the received service request data to generate corresponding check results, encapsulating the check result together with the label I, and sending them to the right bracket together with the service request data; they are also used for receiving the response result I returned by the right bracket and forwarding it to the service left bracket;
the M management executive bodies are each communicatively connected to the management left bracket and are used for receiving password management service request data from the management left bracket, parsing the received password management service request data, and sending the label II and the analysis result to the right bracket; they are also used for receiving the response result II returned by the right bracket and forwarding it to the management left bracket;
a right bracket, communicatively connected to the service executive bodies and the management executive bodies respectively, and used for arbitrating the service request data carrying the same label I and the corresponding check results, blocking the service request if the arbitration is not passed, and sending the service request data that passed arbitration to the cipher card mounted on the right bracket if the arbitration is passed; it is also used for receiving the response result I generated by the cipher card and transmitting it to each of the N service executive bodies; and it is also used for arbitrating the analysis results carrying the same label II, blocking the password management service request if the arbitration is not passed, and responding to the password management service request corresponding to the analysis result if the arbitration is passed.
2. The mimic server cryptographic machine model of claim 1, further comprising a scheduling module communicatively connected to the executive body pool and the right bracket respectively, and used for:
receiving first exception arbitration information from the right bracket, and cleaning the abnormal service executive bodies in the executive body pool and taking them offline according to the first exception arbitration information;
and receiving second exception arbitration information from the right bracket, and cleaning the abnormal management executive bodies in the executive body pool and taking them offline according to the second exception arbitration information.
3. The mimic server cryptographic machine model of claim 1, wherein the service left bracket is further used for establishing a TCP communication channel with the client and receiving service request data from the client;
the management left bracket is further used for establishing an HTTP communication channel with the client and receiving password management service request data from the client.
4. The mimic server cryptographic machine model of claim 1, wherein the service left bracket establishes a TCP communication channel with the service executive body, and the management left bracket establishes an HTTP communication channel with the management executive body.
5. The mimic server cryptographic machine model of claim 1, wherein the right bracket also has a USBKey mounted on it, the USBKey being used for identity authentication and authority authentication of the user who sends the password management service request data.
6. The mimic server cryptographic machine model of claim 1, wherein the right bracket also has a file system mounted on it, the file system being used for storing configuration information.
7. A secure communication method, comprising a service request data transmission stage and a password management service request data transmission stage, wherein
in the service request data transmission stage, the following steps are executed:
step A1, the service left bracket receives service request data, adds a label I to the received service request data, and distributes it to each service executive body in the executive body pool;
step A2, after receiving the service request data from the service left bracket, the service executive body performs a rule check on it to generate a corresponding check result, encapsulates the check result together with the label I, and sends them to the right bracket together with the service request data;
step A3, the right bracket arbitrates the service request data carrying the same label I and the corresponding check results; if the arbitration is not passed, the service request is blocked, and if it is passed, the service request data that passed arbitration is sent to the cipher card mounted on the right bracket;
step A4, the cipher card generates a response result I based on the service request data, and the response result I is transmitted through the right bracket to each of the N service executive bodies;
step A5, the service executive body receives the response result I returned by the right bracket and forwards it to the service left bracket;
step A6, the service left bracket receives the response results I returned by each service executive body, arbitrates them, and outputs the response result I after the arbitration is passed;
in the password management service request data transmission stage, the following steps are executed:
step B1, the management left bracket receives password management service request data, adds a label II to it, and distributes it to each management executive body in the executive body pool;
step B2, after receiving the password management service request data from the management left bracket, the management executive body parses it and sends the label II and the analysis result to the right bracket;
step B3, the right bracket arbitrates the analysis results carrying the same label II, blocks the password management service request when the arbitration is not passed, and responds to the password management service request corresponding to the analysis result when it is passed;
step B4, the right bracket obtains a response result II and returns it to the management left bracket through each management executive body;
step B5, the management left bracket receives the response results II returned by each management executive body and arbitrates them; it outputs the response result II when the arbitration is passed, and outputs exception arbitration information when it is not.
8. The secure communication method according to claim 7, wherein step B2 further comprises the following steps:
the management executive body judges whether the analysis result matches a preset password management service type and, if so, sends an authentication request to the right bracket; after the right bracket receives the authentication request, it calls the USBKey mounted on the right bracket to perform identity authentication and authority authentication on the user who sent the password management service request data; the analysis result comprises a key management service, an equipment management service and an equipment configuration service, and the preset password management service type comprises the key management service, the equipment management service and the equipment configuration service;
when it is confirmed that the user who sent the password management service request data has not passed identity authentication and authority authentication, the right bracket sends non-authentication prompt information to the management left bracket through the management executive body;
when it is confirmed that the user who sent the password management service request data has passed identity authentication and authority authentication, the right bracket receives the label II and the analysis result from the management executive body.
9. The secure communication method according to claim 8, wherein in step A2, when the service executive body performs the rule check on the received service request data and generates the corresponding check result, it executes:
parsing the received service request data, acquiring the data type and the data format of the service request data, and performing a rule check on the data type and on the data format respectively;
judging whether the data type of the service request data matches a preset service data type and, if so, judging whether the data format of the service request data matches a preset service data format; if so, the rule check of the service request data is judged to have passed, and otherwise it is judged not to have passed.
10. The secure communication method according to claim 7, wherein in step A3, after the right bracket arbitrates the service request data carrying the same label I and the corresponding check results, the following is also performed:
the exception arbitration information is transmitted to the scheduling module, and the scheduling module cleans the service executive bodies in the executive body pool and takes them offline according to the exception arbitration information.
Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202211093186.0A CN115694824A (en) 2022-09-08 2022-09-08 Mimic server cryptographic machine model and secure communication method

Publications (1)

Publication Number Publication Date
CN115694824A true CN115694824A (en) 2023-02-03

Family

ID=85061657

Country Status (1)

Country Link
CN (1) CN115694824A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB03 Change of inventor or designer information

Inventor after: Li Songze

Inventor after: Guo Yiwei

Inventor after: Lv Qingsong

Inventor before: Li Songze
